<?php

namespace c\auth;

/**
 * 制作:  叶风
 * Qq:    355007778
 * Email: ye.fn@163.com
 */
class permission extends \control
{

	function login($re = false)
	{
		if (is_array(\YF_f::$arr['login_user']))
			return true;

		$_cook = \YF_f::get_cookie('login_u');
		$cook = explode('|', $_cook);
		$id = intval($cook[0]);

		// 未登录
		if ($id < 1)
		 {
			if ($re)
			 {
				\YF_f::$login_user_id = 0;
				return false;
			 }
			\YF_f::initC('\c\user\login')->g();
		 }

		$res = $this->db->getOne('user', 'id,au_group_ids,name,password,state,email,expiry,online_time,pic,grade_id', 'id=' . $id);
		$res['dis_name'] = $res['name'];
		if ($res['expiry'])
		 {
			$_ex = json_decode($res['expiry'], TRUE);
			if ($_ex['date'] <= date('Y-m-d'))
			 {
				if ($_ex['au_group_ids'])
				 {
					$res['au_group_ids'] = $_ex['au_group_ids'];
					$_ud = array('expiry' => '', 'au_group_ids' => $_ex['au_group_ids']);
				 }
				else {
					$res['state'] = 0;
					$_ud = array('expiry' => '', 'state' => 0);
				 }
				$this->db->save('user', $_ud, 'id=' . $id);
				\log::write('user', 'expiry', $id);
			 }
		 }
		if ($res['state'] < 1 or $cook[1] != substr($res['password'], 2, 10))
		 {
			if ($re)
			 {
				\YF_f::$login_user_id = 0;
				return false;
			 }
			\YF_f::initC('\c\user\login')->g();
		 }

		//更新在线时间
		if (UNIX_TIME - $res['online_time'] > 360)
		 {
			$this->db->save('user', array('online_time' => UNIX_TIME), 'id=' . $id);
			$ct = intval(\YF_f::get_cookie('cookieTime'));
			if ($ct)
			 {
				\YF_f::set_cookie('cookieTime', $ct, $ct);
				\YF_f::set_cookie('login_u', $_cook, $ct);
			 }
		 }

		// 整理
		$res['au_group_ids'] = $res['au_group_ids'] === '' ? 0 : intval_ids($res['au_group_ids']);

		//赋值
		\YF_f::$login_user_id = $res['id'];
		unset($res['password'], $res['expiry'], $res['id']);
		\YF_f::$arr['login_user'] = $res;
		return TRUE;
	}

	/**
	 * 权限认证,
	 * 如果未登录，则跳转登录窗
	 * 
	 * @param string $m 模块
	 * @param string $o 操作，可以多个a|b
	 * @param int $i 元素ID
	 * @param string $re =item 返回认证条件
	 * @return boolean
	 */
	function check($m, $re = '')
	{
		$this->login();

		//系统用户
		if (\YF_f::$login_user_id == 1)
			return true;

		$gids = \YF_f::$arr['login_user']['au_group_ids'];
		$mark = $this->db->escape($m);
		$tables = array('m' => array('as' => 'au_module'),
			'g' => array('as' => 'au_group', 'on' => 'FIND_IN_SET(m.id, g.module_ids)', 'join' => 'JOIN'));
		$b = $this->db->get($tables, 'm.id', "g.id IN($gids) AND mark='$mark'");
		if ($b)
			return true;
		if ($re)
			return false;

		$this->clue(\lang::g('action deny'));
	}

	function getModule()
	{
		$gids = \YF_f::$arr['login_user']['au_group_ids'];
		$tables = array('m' => array('as' => 'au_module'),
			'g' => array('as' => 'au_group', 'on' => 'FIND_IN_SET(m.id, g.module_ids)', 'join' => 'JOIN'));
		$res = $this->db->getCol($tables, 'm.mark', "g.id IN($gids)");
		return $res;
	}

	/**
	 * 以用户ID加密
	 * @param string $s
	 * @return string
	 */
	function u_ed($s)
	{
		$this->login();
		return \encrypt::q_ed($s, \YF_f::$login_user_id);
	}

	function u_de($s)
	{
		$this->login();
		return \encrypt::q_de($s, \YF_f::$login_user_id);
	}

}
